/*
 * Wazuh Vulnerability Scanner - Unit Tests
 * Copyright (C) 2015, Wazuh Inc.
 * September 21, 2023.
 *
 * This program is free software; you can redistribute it
 * and/or modify it under the terms of the GNU General Public
 * License (version 2) as published by the FSF - Free Software
 * Foundation.
 */

#include "packageScanner_test.hpp"
#include "../../../../shared_modules/utils/flatbuffers/include/syscollector_deltas_generated.h"
#include "../../../../shared_modules/utils/flatbuffers/include/syscollector_deltas_schema.h"
#include "../../../../shared_modules/utils/flatbuffers/include/syscollector_synchronization_generated.h"
#include "../../../../shared_modules/utils/flatbuffers/include/syscollector_synchronization_schema.h"
#include "../databaseFeedManager/databaseFeedManager.hpp"
#include "../scanOrchestrator/scanOrchestrator.hpp"
#include "MockDatabaseFeedManager.hpp"
#include "TrampolineOsDataCache.hpp"
#include "flatbuffers/flatbuffer_builder.h"
#include "flatbuffers/flatbuffers.h"
#include "flatbuffers/idl.h"
#include "json.hpp"

using ::testing::_;

namespace NSPackageScannerTest
{
    const std::string DELTA_PACKAGES_INSERTED_MSG =
        R"(
            {
                "agent_info": {
                    "agent_id": "001",
                    "agent_ip": "192.168.33.20",
                    "agent_name": "focal",
                    "node_name": "node01"
                },
                "data_type": "dbsync_packages",
                "data": {
                    "architecture": "amd64",
                    "checksum": "1e6ce14f97f57d1bbd46ff8e5d3e133171a1bbce",
                    "description": "library for GIF images library",
                    "format": "deb",
                    "groups": "libs",
                    "item_id": "ec465b7eb5fa011a336e95614072e4c7f1a65a53",
                    "multiarch": "same",
                    "name": "libgif7",
                    "priority": "optional",
                    "scan_time": "2023/08/04 19:56:11",
                    "size": 72,
                    "source": "giflib",
                    "vendor": "Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>",
                    "version": "5.1.9",
                    "install_time": "1577890801"
                },
                "operation": "INSERTED"
            }
        )";

    const std::string CANDIDATES_AFFECTED_LESS_THAN_INPUT =
        R"(
            {
                "candidates": [
                    {
                        "cveId": "CVE-2024-1234",
                        "defaultStatus": 0,
                        "platforms": [
                            "upstream"
                        ],
                        "versions": [
                            {
                                "lessThan": "5.2.0",
                                "status": "affected",
                                "version": "0",
                                "versionType": "custom"
                            }
                        ]
                    }
                ]
            }
        )";

    const std::string CANDIDATES_AFFECTED_LESS_THAN_OR_EQUAL_INPUT =
        R"(
            {
                "candidates": [
                    {
                        "cveId": "CVE-2024-1234",
                        "defaultStatus": 0,
                        "platforms": [
                            "upstream"
                        ],
                        "versions": [
                            {
                                "lessThanOrEqual": "5.2.0",
                                "status": "affected",
                                "version": "0",
                                "versionType": "custom"
                            }
                        ]
                    }
                ]
            }
        )";

    const std::string CANDIDATES_AFFECTED_LESS_THAN_WITH_VERSION_NOT_ZERO_INPUT =
        R"(
            {
                "candidates": [
                    {
                        "cveId": "CVE-2024-1234",
                        "defaultStatus": 0,
                        "platforms": [
                            "upstream"
                        ],
                        "versions": [
                            {
                                "lessThan": "5.2.0",
                                "status": "affected",
                                "version": "5.1.0",
                                "versionType": "custom"
                            }
                        ]
                    }
                ]
            }
        )";

    const std::string CANDIDATES_UNAFFECTED_LESS_THAN_INPUT =
        R"(
            {
                "candidates": [
                    {
                        "cveId": "CVE-2024-1234",
                        "defaultStatus": 0,
                        "platforms": [
                            "upstream"
                        ],
                        "versions": [
                            {
                                "lessThan": "5.2.0",
                                "status": "unaffected",
                                "version": "0",
                                "versionType": "custom"
                            }
                        ]
                    }
                ]
            }
        )";

    const std::string CANDIDATES_AFFECTED_EQUAL_TO_INPUT =
        R"(
            {
                "candidates": [
                    {
                        "cveId": "CVE-2024-1234",
                        "defaultStatus": 0,
                        "platforms": [
                            "upstream"
                        ],
                        "versions": [
                            {
                                "status": "affected",
                                "version": "5.1.9",
                                "versionType": "custom"
                            }
                        ]
                    }
                ]
            }
        )";

    const std::string CANDIDATES_UNAFFECTED_EQUAL_TO_INPUT =
        R"(
            {
                "candidates": [
                    {
                        "cveId": "CVE-2024-1234",
                        "defaultStatus": 0,
                        "platforms": [
                            "upstream"
                        ],
                        "versions": [
                            {
                                "status": "unaffected",
                                "version": "5.1.9",
                                "versionType": "custom"
                            }
                        ]
                    }
                ]
            }
        )";

    const std::string CANDIDATES_DEFAULT_STATUS_AFFECTED_INPUT =
        R"(
            {
                "candidates": [
                    {
                        "cveId": "CVE-2024-1234",
                        "defaultStatus": 0,
                        "platforms": [
                            "upstream"
                        ],
                        "versions": [
                            {
                                "lessThan": "5.1.0",
                                "status": "affected",
                                "version": "0",
                                "versionType": "custom"
                            }
                        ]
                    }
                ]
            }
        )";

    const std::string CANDIDATES_DEFAULT_STATUS_UNAFFECTED_INPUT =
        R"(
            {
                "candidates": [
                    {
                        "cveId": "CVE-2024-1234",
                        "defaultStatus": 1,
                        "platforms": [
                            "upstream"
                        ],
                        "versions": [
                            {
                                "lessThan": "5.1.0",
                                "status": "affected",
                                "version": "0",
                                "versionType": "custom"
                            }
                        ]
                    }
                ]
            }
        )";

    const char* INCLUDE_DIRECTORIES[] = {FLATBUFFER_SCHEMAS_DIR, nullptr};

    const std::string CANDIDATES_FLATBUFFER_SCHEMA_PATH {FLATBUFFER_SCHEMAS_DIR "/vulnerabilityCandidate.fbs"};

    const std::string CVEID {"CVE-2024-1234"};
} // namespace NSPackageScannerTest

using namespace NSPackageScannerTest;

void PackageScannerTest::SetUp() {}

void PackageScannerTest::TearDown()
{
    spOsDataCacheMock.reset();
}

TEST_F(PackageScannerTest, TestPackageAffectedEqualTo)
{
    auto mockGetVulnerabilitiesCandidates =
        [&](const std::string& cnaName,
            std::string_view packageName,
            const std::function<bool(const std::string& cnaName,
                                     const NSVulnerabilityScanner::ScanVulnerabilityCandidate&)>& callback)
    {
        std::string candidatesFlatbufferSchemaStr;

        // Read schemas from filesystem.
        bool valid =
            flatbuffers::LoadFile(CANDIDATES_FLATBUFFER_SCHEMA_PATH.c_str(), false, &candidatesFlatbufferSchemaStr);
        ASSERT_EQ(valid, true);

        // Parse schemas and JSON example.
        flatbuffers::Parser fbParser;
        valid = (fbParser.Parse(candidatesFlatbufferSchemaStr.c_str(), INCLUDE_DIRECTORIES) &&
                 fbParser.Parse(CANDIDATES_AFFECTED_EQUAL_TO_INPUT.c_str()));
        ASSERT_EQ(valid, true);

        auto candidatesArray =
            GetScanVulnerabilityCandidateArray(reinterpret_cast<const uint8_t*>(fbParser.builder_.GetBufferPointer()));

        if (candidatesArray)
        {
            for (const auto& candidate : *candidatesArray->candidates())
            {
                if (callback(cnaName, *candidate))
                {
                    // If the candidate is vulnerable, we stop looking for.
                    break;
                }
            }
        }
    };

    Os osData {.hostName = "osdata_hostname",
               .architecture = "osdata_architecture",
               .name = "osdata_name",
               .codeName = "upstream",
               .majorVersion = "osdata_majorVersion",
               .minorVersion = "osdata_minorVersion",
               .patch = "osdata_patch",
               .build = "osdata_build",
               .platform = "osdata_platform",
               .version = "osdata_version",
               .release = "osdata_release",
               .displayVersion = "osdata_displayVersion",
               .sysName = "osdata_sysName",
               .kernelVersion = "osdata_kernelVersion",
               .kernelRelease = "osdata_kernelRelease"};

    spOsDataCacheMock = std::make_shared<MockOsDataCache>();
    EXPECT_CALL(*spOsDataCacheMock, getOsData(_)).WillRepeatedly(testing::Return(osData));

    auto spDatabaseFeedManagerMock = std::make_shared<MockDatabaseFeedManager>();
    EXPECT_CALL(*spDatabaseFeedManagerMock, getCnaNameByFormat(_)).WillOnce(testing::Return("cnaName"));
    EXPECT_CALL(*spDatabaseFeedManagerMock, getVulnerabilitiesCandidates(_, _, _))
        .WillOnce(testing::Invoke(mockGetVulnerabilitiesCandidates));

    flatbuffers::Parser parser;
    ASSERT_TRUE(parser.Parse(syscollector_deltas_SCHEMA));
    ASSERT_TRUE(parser.Parse(DELTA_PACKAGES_INSERTED_MSG.c_str()));
    uint8_t* buffer = parser.builder_.GetBufferPointer();
    std::variant<const SyscollectorDeltas::Delta*, const SyscollectorSynchronization::SyncMsg*, const nlohmann::json*>
        syscollectorDelta = SyscollectorDeltas::GetDelta(reinterpret_cast<const char*>(buffer));
    auto scanContextOriginal = std::make_shared<TScanContext<TrampolineOsDataCache>>(syscollectorDelta);

    TPackageScanner<MockDatabaseFeedManager, TScanContext<TrampolineOsDataCache>> packageScanner(
        spDatabaseFeedManagerMock);

    std::shared_ptr<TScanContext<TrampolineOsDataCache>> scanContextResult;
    EXPECT_NO_THROW(scanContextResult = packageScanner.handleRequest(scanContextOriginal));

    ASSERT_TRUE(scanContextResult != nullptr);

    EXPECT_EQ(scanContextResult->m_elements.size(), 1);
    EXPECT_NE(scanContextResult->m_elements.find(CVEID), scanContextResult->m_elements.end());

    EXPECT_EQ(scanContextResult->m_matchConditions.size(), 1);
    EXPECT_NE(scanContextResult->m_matchConditions.find(CVEID), scanContextResult->m_matchConditions.end());

    auto& matchCondition = scanContextResult->m_matchConditions[CVEID];
    EXPECT_EQ(matchCondition.condition, MatchRuleCondition::Equal);
    EXPECT_STREQ(matchCondition.version.c_str(), "5.1.9");
}

TEST_F(PackageScannerTest, TestPackageUnaffectedEqualTo)
{
    auto mockGetVulnerabilitiesCandidates =
        [&](const std::string& cnaName,
            std::string_view packageName,
            const std::function<bool(const std::string& cnaName,
                                     const NSVulnerabilityScanner::ScanVulnerabilityCandidate&)>& callback)
    {
        std::string candidatesFlatbufferSchemaStr;

        // Read schemas from filesystem.
        bool valid =
            flatbuffers::LoadFile(CANDIDATES_FLATBUFFER_SCHEMA_PATH.c_str(), false, &candidatesFlatbufferSchemaStr);
        ASSERT_EQ(valid, true);

        // Parse schemas and JSON example.
        flatbuffers::Parser fbParser;
        valid = (fbParser.Parse(candidatesFlatbufferSchemaStr.c_str(), INCLUDE_DIRECTORIES) &&
                 fbParser.Parse(CANDIDATES_UNAFFECTED_EQUAL_TO_INPUT.c_str()));
        ASSERT_EQ(valid, true);

        auto candidatesArray =
            GetScanVulnerabilityCandidateArray(reinterpret_cast<const uint8_t*>(fbParser.builder_.GetBufferPointer()));

        if (candidatesArray)
        {
            for (const auto& candidate : *candidatesArray->candidates())
            {
                if (callback(cnaName, *candidate))
                {
                    // If the candidate is vulnerable, we stop looking for.
                    break;
                }
            }
        }
    };

    Os osData {.hostName = "osdata_hostname",
               .architecture = "osdata_architecture",
               .name = "osdata_name",
               .codeName = "upstream",
               .majorVersion = "osdata_majorVersion",
               .minorVersion = "osdata_minorVersion",
               .patch = "osdata_patch",
               .build = "osdata_build",
               .platform = "osdata_platform",
               .version = "osdata_version",
               .release = "osdata_release",
               .displayVersion = "osdata_displayVersion",
               .sysName = "osdata_sysName",
               .kernelVersion = "osdata_kernelVersion",
               .kernelRelease = "osdata_kernelRelease"};

    spOsDataCacheMock = std::make_shared<MockOsDataCache>();
    EXPECT_CALL(*spOsDataCacheMock, getOsData(_)).WillRepeatedly(testing::Return(osData));

    auto spDatabaseFeedManagerMock = std::make_shared<MockDatabaseFeedManager>();
    EXPECT_CALL(*spDatabaseFeedManagerMock, getCnaNameByFormat(_)).WillOnce(testing::Return("cnaName"));
    EXPECT_CALL(*spDatabaseFeedManagerMock, getVulnerabilitiesCandidates(_, _, _))
        .WillOnce(testing::Invoke(mockGetVulnerabilitiesCandidates));

    flatbuffers::Parser parser;
    ASSERT_TRUE(parser.Parse(syscollector_deltas_SCHEMA));
    ASSERT_TRUE(parser.Parse(DELTA_PACKAGES_INSERTED_MSG.c_str()));
    uint8_t* buffer = parser.builder_.GetBufferPointer();
    std::variant<const SyscollectorDeltas::Delta*, const SyscollectorSynchronization::SyncMsg*, const nlohmann::json*>
        syscollectorDelta = SyscollectorDeltas::GetDelta(reinterpret_cast<const char*>(buffer));
    auto scanContextOriginal = std::make_shared<TScanContext<TrampolineOsDataCache>>(syscollectorDelta);

    TPackageScanner<MockDatabaseFeedManager, TScanContext<TrampolineOsDataCache>> packageScanner(
        spDatabaseFeedManagerMock);

    std::shared_ptr<TScanContext<TrampolineOsDataCache>> scanContextResult;
    EXPECT_NO_THROW(scanContextResult = packageScanner.handleRequest(scanContextOriginal));

    EXPECT_TRUE(scanContextResult == nullptr);
}

TEST_F(PackageScannerTest, TestPackageAffectedLessThan)
{
    auto mockGetVulnerabilitiesCandidates =
        [&](const std::string& cnaName,
            std::string_view packageName,
            const std::function<bool(const std::string& cnaName,
                                     const NSVulnerabilityScanner::ScanVulnerabilityCandidate&)>& callback)
    {
        std::string candidatesFlatbufferSchemaStr;

        // Read schemas from filesystem.
        bool valid =
            flatbuffers::LoadFile(CANDIDATES_FLATBUFFER_SCHEMA_PATH.c_str(), false, &candidatesFlatbufferSchemaStr);
        ASSERT_EQ(valid, true);

        // Parse schemas and JSON example.
        flatbuffers::Parser fbParser;
        valid = (fbParser.Parse(candidatesFlatbufferSchemaStr.c_str(), INCLUDE_DIRECTORIES) &&
                 fbParser.Parse(CANDIDATES_AFFECTED_LESS_THAN_INPUT.c_str()));
        ASSERT_EQ(valid, true);

        auto candidatesArray =
            GetScanVulnerabilityCandidateArray(reinterpret_cast<const uint8_t*>(fbParser.builder_.GetBufferPointer()));

        if (candidatesArray)
        {
            for (const auto& candidate : *candidatesArray->candidates())
            {
                if (callback(cnaName, *candidate))
                {
                    // If the candidate is vulnerable, we stop looking for.
                    break;
                }
            }
        }
    };

    Os osData {.hostName = "osdata_hostname",
               .architecture = "osdata_architecture",
               .name = "osdata_name",
               .codeName = "upstream",
               .majorVersion = "osdata_majorVersion",
               .minorVersion = "osdata_minorVersion",
               .patch = "osdata_patch",
               .build = "osdata_build",
               .platform = "osdata_platform",
               .version = "osdata_version",
               .release = "osdata_release",
               .displayVersion = "osdata_displayVersion",
               .sysName = "osdata_sysName",
               .kernelVersion = "osdata_kernelVersion",
               .kernelRelease = "osdata_kernelRelease"};

    spOsDataCacheMock = std::make_shared<MockOsDataCache>();
    EXPECT_CALL(*spOsDataCacheMock, getOsData(_)).WillRepeatedly(testing::Return(osData));

    auto spDatabaseFeedManagerMock = std::make_shared<MockDatabaseFeedManager>();
    EXPECT_CALL(*spDatabaseFeedManagerMock, getCnaNameByFormat(_)).WillOnce(testing::Return("cnaName"));
    EXPECT_CALL(*spDatabaseFeedManagerMock, getVulnerabilitiesCandidates(_, _, _))
        .WillOnce(testing::Invoke(mockGetVulnerabilitiesCandidates));

    flatbuffers::Parser parser;
    ASSERT_TRUE(parser.Parse(syscollector_deltas_SCHEMA));
    ASSERT_TRUE(parser.Parse(DELTA_PACKAGES_INSERTED_MSG.c_str()));
    uint8_t* buffer = parser.builder_.GetBufferPointer();
    std::variant<const SyscollectorDeltas::Delta*, const SyscollectorSynchronization::SyncMsg*, const nlohmann::json*>
        syscollectorDelta = SyscollectorDeltas::GetDelta(reinterpret_cast<const char*>(buffer));
    auto scanContextOriginal = std::make_shared<TScanContext<TrampolineOsDataCache>>(syscollectorDelta);

    TPackageScanner<MockDatabaseFeedManager, TScanContext<TrampolineOsDataCache>> packageScanner(
        spDatabaseFeedManagerMock);

    std::shared_ptr<TScanContext<TrampolineOsDataCache>> scanContextResult;
    EXPECT_NO_THROW(scanContextResult = packageScanner.handleRequest(scanContextOriginal));

    ASSERT_TRUE(scanContextResult != nullptr);

    EXPECT_EQ(scanContextResult->m_elements.size(), 1);
    EXPECT_NE(scanContextResult->m_elements.find(CVEID), scanContextResult->m_elements.end());

    EXPECT_EQ(scanContextResult->m_matchConditions.size(), 1);
    EXPECT_NE(scanContextResult->m_matchConditions.find(CVEID), scanContextResult->m_matchConditions.end());

    auto& matchCondition = scanContextResult->m_matchConditions[CVEID];
    EXPECT_EQ(matchCondition.condition, MatchRuleCondition::LessThan);
    EXPECT_STREQ(matchCondition.version.c_str(), "5.2.0");
}

TEST_F(PackageScannerTest, TestPackageAffectedLessThanOrEqual)
{
    auto mockGetVulnerabilitiesCandidates =
        [&](const std::string& cnaName,
            std::string_view packageName,
            const std::function<bool(const std::string& cnaName,
                                     const NSVulnerabilityScanner::ScanVulnerabilityCandidate&)>& callback)
    {
        std::string candidatesFlatbufferSchemaStr;

        // Read schemas from filesystem.
        bool valid =
            flatbuffers::LoadFile(CANDIDATES_FLATBUFFER_SCHEMA_PATH.c_str(), false, &candidatesFlatbufferSchemaStr);
        ASSERT_EQ(valid, true);

        // Parse schemas and JSON example.
        flatbuffers::Parser fbParser;
        valid = (fbParser.Parse(candidatesFlatbufferSchemaStr.c_str(), INCLUDE_DIRECTORIES) &&
                 fbParser.Parse(CANDIDATES_AFFECTED_LESS_THAN_OR_EQUAL_INPUT.c_str()));
        ASSERT_EQ(valid, true);

        auto candidatesArray =
            GetScanVulnerabilityCandidateArray(reinterpret_cast<const uint8_t*>(fbParser.builder_.GetBufferPointer()));

        if (candidatesArray)
        {
            for (const auto& candidate : *candidatesArray->candidates())
            {
                if (callback(cnaName, *candidate))
                {
                    // If the candidate is vulnerable, we stop looking for.
                    break;
                }
            }
        }
    };

    Os osData {.hostName = "osdata_hostname",
               .architecture = "osdata_architecture",
               .name = "osdata_name",
               .codeName = "upstream",
               .majorVersion = "osdata_majorVersion",
               .minorVersion = "osdata_minorVersion",
               .patch = "osdata_patch",
               .build = "osdata_build",
               .platform = "osdata_platform",
               .version = "osdata_version",
               .release = "osdata_release",
               .displayVersion = "osdata_displayVersion",
               .sysName = "osdata_sysName",
               .kernelVersion = "osdata_kernelVersion",
               .kernelRelease = "osdata_kernelRelease"};

    spOsDataCacheMock = std::make_shared<MockOsDataCache>();
    EXPECT_CALL(*spOsDataCacheMock, getOsData(_)).WillRepeatedly(testing::Return(osData));

    auto spDatabaseFeedManagerMock = std::make_shared<MockDatabaseFeedManager>();
    EXPECT_CALL(*spDatabaseFeedManagerMock, getCnaNameByFormat(_)).WillOnce(testing::Return("cnaName"));
    EXPECT_CALL(*spDatabaseFeedManagerMock, getVulnerabilitiesCandidates(_, _, _))
        .WillOnce(testing::Invoke(mockGetVulnerabilitiesCandidates));

    flatbuffers::Parser parser;
    ASSERT_TRUE(parser.Parse(syscollector_deltas_SCHEMA));
    ASSERT_TRUE(parser.Parse(DELTA_PACKAGES_INSERTED_MSG.c_str()));
    uint8_t* buffer = parser.builder_.GetBufferPointer();
    std::variant<const SyscollectorDeltas::Delta*, const SyscollectorSynchronization::SyncMsg*, const nlohmann::json*>
        syscollectorDelta = SyscollectorDeltas::GetDelta(reinterpret_cast<const char*>(buffer));
    auto scanContextOriginal = std::make_shared<TScanContext<TrampolineOsDataCache>>(syscollectorDelta);

    TPackageScanner<MockDatabaseFeedManager, TScanContext<TrampolineOsDataCache>> packageScanner(
        spDatabaseFeedManagerMock);

    std::shared_ptr<TScanContext<TrampolineOsDataCache>> scanContextResult;
    EXPECT_NO_THROW(scanContextResult = packageScanner.handleRequest(scanContextOriginal));

    ASSERT_TRUE(scanContextResult != nullptr);

    EXPECT_EQ(scanContextResult->m_elements.size(), 1);
    EXPECT_NE(scanContextResult->m_elements.find(CVEID), scanContextResult->m_elements.end());

    EXPECT_EQ(scanContextResult->m_matchConditions.size(), 1);
    EXPECT_NE(scanContextResult->m_matchConditions.find(CVEID), scanContextResult->m_matchConditions.end());

    auto& matchCondition = scanContextResult->m_matchConditions[CVEID];
    EXPECT_EQ(matchCondition.condition, MatchRuleCondition::LessThanOrEqual);
    EXPECT_STREQ(matchCondition.version.c_str(), "5.2.0");
}

TEST_F(PackageScannerTest, TestPackageAffectedLessThanWithVersionNotZero)
{
    auto mockGetVulnerabilitiesCandidates =
        [&](const std::string& cnaName,
            std::string_view packageName,
            const std::function<bool(const std::string& cnaName,
                                     const NSVulnerabilityScanner::ScanVulnerabilityCandidate&)>& callback)
    {
        std::string candidatesFlatbufferSchemaStr;

        // Read schemas from filesystem.
        bool valid =
            flatbuffers::LoadFile(CANDIDATES_FLATBUFFER_SCHEMA_PATH.c_str(), false, &candidatesFlatbufferSchemaStr);
        ASSERT_EQ(valid, true);

        // Parse schemas and JSON example.
        flatbuffers::Parser fbParser;
        valid = (fbParser.Parse(candidatesFlatbufferSchemaStr.c_str(), INCLUDE_DIRECTORIES) &&
                 fbParser.Parse(CANDIDATES_AFFECTED_LESS_THAN_WITH_VERSION_NOT_ZERO_INPUT.c_str()));
        ASSERT_EQ(valid, true);

        auto candidatesArray =
            GetScanVulnerabilityCandidateArray(reinterpret_cast<const uint8_t*>(fbParser.builder_.GetBufferPointer()));

        if (candidatesArray)
        {
            for (const auto& candidate : *candidatesArray->candidates())
            {
                if (callback(cnaName, *candidate))
                {
                    // If the candidate is vulnerable, we stop looking for.
                    break;
                }
            }
        }
    };

    Os osData {.hostName = "osdata_hostname",
               .architecture = "osdata_architecture",
               .name = "osdata_name",
               .codeName = "upstream",
               .majorVersion = "osdata_majorVersion",
               .minorVersion = "osdata_minorVersion",
               .patch = "osdata_patch",
               .build = "osdata_build",
               .platform = "osdata_platform",
               .version = "osdata_version",
               .release = "osdata_release",
               .displayVersion = "osdata_displayVersion",
               .sysName = "osdata_sysName",
               .kernelVersion = "osdata_kernelVersion",
               .kernelRelease = "osdata_kernelRelease"};

    spOsDataCacheMock = std::make_shared<MockOsDataCache>();
    EXPECT_CALL(*spOsDataCacheMock, getOsData(_)).WillRepeatedly(testing::Return(osData));

    auto spDatabaseFeedManagerMock = std::make_shared<MockDatabaseFeedManager>();
    EXPECT_CALL(*spDatabaseFeedManagerMock, getCnaNameByFormat(_)).WillOnce(testing::Return("cnaName"));
    EXPECT_CALL(*spDatabaseFeedManagerMock, getVulnerabilitiesCandidates(_, _, _))
        .WillOnce(testing::Invoke(mockGetVulnerabilitiesCandidates));

    flatbuffers::Parser parser;
    ASSERT_TRUE(parser.Parse(syscollector_deltas_SCHEMA));
    ASSERT_TRUE(parser.Parse(DELTA_PACKAGES_INSERTED_MSG.c_str()));
    uint8_t* buffer = parser.builder_.GetBufferPointer();
    std::variant<const SyscollectorDeltas::Delta*, const SyscollectorSynchronization::SyncMsg*, const nlohmann::json*>
        syscollectorDelta = SyscollectorDeltas::GetDelta(reinterpret_cast<const char*>(buffer));
    auto scanContextOriginal = std::make_shared<TScanContext<TrampolineOsDataCache>>(syscollectorDelta);

    TPackageScanner<MockDatabaseFeedManager, TScanContext<TrampolineOsDataCache>> packageScanner(
        spDatabaseFeedManagerMock);

    std::shared_ptr<TScanContext<TrampolineOsDataCache>> scanContextResult;
    EXPECT_NO_THROW(scanContextResult = packageScanner.handleRequest(scanContextOriginal));

    ASSERT_TRUE(scanContextResult != nullptr);

    EXPECT_EQ(scanContextResult->m_elements.size(), 1);
    EXPECT_NE(scanContextResult->m_elements.find(CVEID), scanContextResult->m_elements.end());

    EXPECT_EQ(scanContextResult->m_matchConditions.size(), 1);
    EXPECT_NE(scanContextResult->m_matchConditions.find(CVEID), scanContextResult->m_matchConditions.end());

    auto& matchCondition = scanContextResult->m_matchConditions[CVEID];
    EXPECT_EQ(matchCondition.condition, MatchRuleCondition::LessThan);
    EXPECT_STREQ(matchCondition.version.c_str(), "5.2.0");
}

TEST_F(PackageScannerTest, TestPackageUnaffectedLessThan)
{
    auto mockGetVulnerabilitiesCandidates =
        [&](const std::string& cnaName,
            std::string_view packageName,
            const std::function<bool(const std::string& cnaName,
                                     const NSVulnerabilityScanner::ScanVulnerabilityCandidate&)>& callback)
    {
        std::string candidatesFlatbufferSchemaStr;

        // Read schemas from filesystem.
        bool valid =
            flatbuffers::LoadFile(CANDIDATES_FLATBUFFER_SCHEMA_PATH.c_str(), false, &candidatesFlatbufferSchemaStr);
        ASSERT_EQ(valid, true);

        // Parse schemas and JSON example.
        flatbuffers::Parser fbParser;
        valid = (fbParser.Parse(candidatesFlatbufferSchemaStr.c_str(), INCLUDE_DIRECTORIES) &&
                 fbParser.Parse(CANDIDATES_UNAFFECTED_LESS_THAN_INPUT.c_str()));
        ASSERT_EQ(valid, true);

        auto candidatesArray =
            GetScanVulnerabilityCandidateArray(reinterpret_cast<const uint8_t*>(fbParser.builder_.GetBufferPointer()));

        if (candidatesArray)
        {
            for (const auto& candidate : *candidatesArray->candidates())
            {
                if (callback(cnaName, *candidate))
                {
                    // If the candidate is vulnerable, we stop looking for.
                    break;
                }
            }
        }
    };

    Os osData {.hostName = "osdata_hostname",
               .architecture = "osdata_architecture",
               .name = "osdata_name",
               .codeName = "upstream",
               .majorVersion = "osdata_majorVersion",
               .minorVersion = "osdata_minorVersion",
               .patch = "osdata_patch",
               .build = "osdata_build",
               .platform = "osdata_platform",
               .version = "osdata_version",
               .release = "osdata_release",
               .displayVersion = "osdata_displayVersion",
               .sysName = "osdata_sysName",
               .kernelVersion = "osdata_kernelVersion",
               .kernelRelease = "osdata_kernelRelease"};

    spOsDataCacheMock = std::make_shared<MockOsDataCache>();
    EXPECT_CALL(*spOsDataCacheMock, getOsData(_)).WillRepeatedly(testing::Return(osData));

    auto spDatabaseFeedManagerMock = std::make_shared<MockDatabaseFeedManager>();
    EXPECT_CALL(*spDatabaseFeedManagerMock, getCnaNameByFormat(_)).WillOnce(testing::Return("cnaName"));
    EXPECT_CALL(*spDatabaseFeedManagerMock, getVulnerabilitiesCandidates(_, _, _))
        .WillOnce(testing::Invoke(mockGetVulnerabilitiesCandidates));

    flatbuffers::Parser parser;
    ASSERT_TRUE(parser.Parse(syscollector_deltas_SCHEMA));
    ASSERT_TRUE(parser.Parse(DELTA_PACKAGES_INSERTED_MSG.c_str()));
    uint8_t* buffer = parser.builder_.GetBufferPointer();
    std::variant<const SyscollectorDeltas::Delta*, const SyscollectorSynchronization::SyncMsg*, const nlohmann::json*>
        syscollectorDelta = SyscollectorDeltas::GetDelta(reinterpret_cast<const char*>(buffer));
    auto scanContextOriginal = std::make_shared<TScanContext<TrampolineOsDataCache>>(syscollectorDelta);

    TPackageScanner<MockDatabaseFeedManager, TScanContext<TrampolineOsDataCache>> packageScanner(
        spDatabaseFeedManagerMock);

    std::shared_ptr<TScanContext<TrampolineOsDataCache>> scanContextResult;
    EXPECT_NO_THROW(scanContextResult = packageScanner.handleRequest(scanContextOriginal));

    EXPECT_TRUE(scanContextResult == nullptr);
}

TEST_F(PackageScannerTest, TestPackageDefaultStatusAffected)
{
    auto mockGetVulnerabilitiesCandidates =
        [&](const std::string& cnaName,
            std::string_view packageName,
            const std::function<bool(const std::string& cnaName,
                                     const NSVulnerabilityScanner::ScanVulnerabilityCandidate&)>& callback)
    {
        std::string candidatesFlatbufferSchemaStr;

        // Read schemas from filesystem.
        bool valid =
            flatbuffers::LoadFile(CANDIDATES_FLATBUFFER_SCHEMA_PATH.c_str(), false, &candidatesFlatbufferSchemaStr);
        ASSERT_EQ(valid, true);

        // Parse schemas and JSON example.
        flatbuffers::Parser fbParser;
        valid = (fbParser.Parse(candidatesFlatbufferSchemaStr.c_str(), INCLUDE_DIRECTORIES) &&
                 fbParser.Parse(CANDIDATES_DEFAULT_STATUS_AFFECTED_INPUT.c_str()));
        ASSERT_EQ(valid, true);

        auto candidatesArray =
            GetScanVulnerabilityCandidateArray(reinterpret_cast<const uint8_t*>(fbParser.builder_.GetBufferPointer()));

        if (candidatesArray)
        {
            for (const auto& candidate : *candidatesArray->candidates())
            {
                if (callback(cnaName, *candidate))
                {
                    // If the candidate is vulnerable, we stop looking for.
                    break;
                }
            }
        }
    };

    Os osData {.hostName = "osdata_hostname",
               .architecture = "osdata_architecture",
               .name = "osdata_name",
               .codeName = "upstream",
               .majorVersion = "osdata_majorVersion",
               .minorVersion = "osdata_minorVersion",
               .patch = "osdata_patch",
               .build = "osdata_build",
               .platform = "osdata_platform",
               .version = "osdata_version",
               .release = "osdata_release",
               .displayVersion = "osdata_displayVersion",
               .sysName = "osdata_sysName",
               .kernelVersion = "osdata_kernelVersion",
               .kernelRelease = "osdata_kernelRelease"};

    spOsDataCacheMock = std::make_shared<MockOsDataCache>();
    EXPECT_CALL(*spOsDataCacheMock, getOsData(_)).WillRepeatedly(testing::Return(osData));

    auto spDatabaseFeedManagerMock = std::make_shared<MockDatabaseFeedManager>();
    EXPECT_CALL(*spDatabaseFeedManagerMock, getCnaNameByFormat(_)).WillOnce(testing::Return("cnaName"));
    EXPECT_CALL(*spDatabaseFeedManagerMock, getVulnerabilitiesCandidates(_, _, _))
        .WillOnce(testing::Invoke(mockGetVulnerabilitiesCandidates));

    flatbuffers::Parser parser;
    ASSERT_TRUE(parser.Parse(syscollector_deltas_SCHEMA));
    ASSERT_TRUE(parser.Parse(DELTA_PACKAGES_INSERTED_MSG.c_str()));
    uint8_t* buffer = parser.builder_.GetBufferPointer();
    std::variant<const SyscollectorDeltas::Delta*, const SyscollectorSynchronization::SyncMsg*, const nlohmann::json*>
        syscollectorDelta = SyscollectorDeltas::GetDelta(reinterpret_cast<const char*>(buffer));
    auto scanContextOriginal = std::make_shared<TScanContext<TrampolineOsDataCache>>(syscollectorDelta);

    TPackageScanner<MockDatabaseFeedManager, TScanContext<TrampolineOsDataCache>> packageScanner(
        spDatabaseFeedManagerMock);

    std::shared_ptr<TScanContext<TrampolineOsDataCache>> scanContextResult;
    EXPECT_NO_THROW(scanContextResult = packageScanner.handleRequest(scanContextOriginal));

    ASSERT_TRUE(scanContextResult != nullptr);

    EXPECT_EQ(scanContextResult->m_elements.size(), 1);
    EXPECT_NE(scanContextResult->m_elements.find(CVEID), scanContextResult->m_elements.end());

    EXPECT_EQ(scanContextResult->m_matchConditions.size(), 1);
    EXPECT_NE(scanContextResult->m_matchConditions.find(CVEID), scanContextResult->m_matchConditions.end());

    auto& matchCondition = scanContextResult->m_matchConditions[CVEID];
    EXPECT_EQ(matchCondition.condition, MatchRuleCondition::DefaultStatus);
}

TEST_F(PackageScannerTest, TestPackageDefaultStatusUnaffected)
{
    auto mockGetVulnerabilitiesCandidates =
        [&](const std::string& cnaName,
            std::string_view packageName,
            const std::function<bool(const std::string& cnaName,
                                     const NSVulnerabilityScanner::ScanVulnerabilityCandidate&)>& callback)
    {
        std::string candidatesFlatbufferSchemaStr;

        // Read schemas from filesystem.
        bool valid =
            flatbuffers::LoadFile(CANDIDATES_FLATBUFFER_SCHEMA_PATH.c_str(), false, &candidatesFlatbufferSchemaStr);
        ASSERT_EQ(valid, true);

        // Parse schemas and JSON example.
        flatbuffers::Parser fbParser;
        valid = (fbParser.Parse(candidatesFlatbufferSchemaStr.c_str(), INCLUDE_DIRECTORIES) &&
                 fbParser.Parse(CANDIDATES_DEFAULT_STATUS_UNAFFECTED_INPUT.c_str()));
        ASSERT_EQ(valid, true);

        auto candidatesArray =
            GetScanVulnerabilityCandidateArray(reinterpret_cast<const uint8_t*>(fbParser.builder_.GetBufferPointer()));

        if (candidatesArray)
        {
            for (const auto& candidate : *candidatesArray->candidates())
            {
                if (callback(cnaName, *candidate))
                {
                    // If the candidate is vulnerable, we stop looking for.
                    break;
                }
            }
        }
    };

    Os osData {.hostName = "osdata_hostname",
               .architecture = "osdata_architecture",
               .name = "osdata_name",
               .codeName = "upstream",
               .majorVersion = "osdata_majorVersion",
               .minorVersion = "osdata_minorVersion",
               .patch = "osdata_patch",
               .build = "osdata_build",
               .platform = "osdata_platform",
               .version = "osdata_version",
               .release = "osdata_release",
               .displayVersion = "osdata_displayVersion",
               .sysName = "osdata_sysName",
               .kernelVersion = "osdata_kernelVersion",
               .kernelRelease = "osdata_kernelRelease"};

    spOsDataCacheMock = std::make_shared<MockOsDataCache>();
    EXPECT_CALL(*spOsDataCacheMock, getOsData(_)).WillRepeatedly(testing::Return(osData));

    auto spDatabaseFeedManagerMock = std::make_shared<MockDatabaseFeedManager>();
    EXPECT_CALL(*spDatabaseFeedManagerMock, getCnaNameByFormat(_)).WillOnce(testing::Return("cnaName"));
    EXPECT_CALL(*spDatabaseFeedManagerMock, getVulnerabilitiesCandidates(_, _, _))
        .WillOnce(testing::Invoke(mockGetVulnerabilitiesCandidates));

    flatbuffers::Parser parser;
    ASSERT_TRUE(parser.Parse(syscollector_deltas_SCHEMA));
    ASSERT_TRUE(parser.Parse(DELTA_PACKAGES_INSERTED_MSG.c_str()));
    uint8_t* buffer = parser.builder_.GetBufferPointer();
    std::variant<const SyscollectorDeltas::Delta*, const SyscollectorSynchronization::SyncMsg*, const nlohmann::json*>
        syscollectorDelta = SyscollectorDeltas::GetDelta(reinterpret_cast<const char*>(buffer));
    auto scanContextOriginal = std::make_shared<TScanContext<TrampolineOsDataCache>>(syscollectorDelta);

    TPackageScanner<MockDatabaseFeedManager, TScanContext<TrampolineOsDataCache>> packageScanner(
        spDatabaseFeedManagerMock);

    std::shared_ptr<TScanContext<TrampolineOsDataCache>> scanContextResult;
    EXPECT_NO_THROW(scanContextResult = packageScanner.handleRequest(scanContextOriginal));

    EXPECT_TRUE(scanContextResult == nullptr);
}

TEST_F(PackageScannerTest, TestPackageGetVulnerabilitiesCandidatesGeneratesException)
{
    auto mockGetVulnerabilitiesCandidates =
        [&](const std::string& cnaName,
            std::string_view packageName,
            const std::function<bool(const std::string& cnaName,
                                     const NSVulnerabilityScanner::ScanVulnerabilityCandidate&)>& callback)
    {
        throw std::runtime_error("Invalid package/cna name.");
    };

    Os osData {.hostName = "osdata_hostname",
               .architecture = "osdata_architecture",
               .name = "osdata_name",
               .codeName = "upstream",
               .majorVersion = "osdata_majorVersion",
               .minorVersion = "osdata_minorVersion",
               .patch = "osdata_patch",
               .build = "osdata_build",
               .platform = "osdata_platform",
               .version = "osdata_version",
               .release = "osdata_release",
               .displayVersion = "osdata_displayVersion",
               .sysName = "osdata_sysName",
               .kernelVersion = "osdata_kernelVersion",
               .kernelRelease = "osdata_kernelRelease"};

    spOsDataCacheMock = std::make_shared<MockOsDataCache>();
    EXPECT_CALL(*spOsDataCacheMock, getOsData(_)).WillRepeatedly(testing::Return(osData));

    auto spDatabaseFeedManagerMock = std::make_shared<MockDatabaseFeedManager>();
    EXPECT_CALL(*spDatabaseFeedManagerMock, getCnaNameByFormat(_)).WillOnce(testing::Return("cnaName"));
    EXPECT_CALL(*spDatabaseFeedManagerMock, getVulnerabilitiesCandidates(_, _, _))
        .WillOnce(testing::Invoke(mockGetVulnerabilitiesCandidates));

    flatbuffers::Parser parser;
    ASSERT_TRUE(parser.Parse(syscollector_deltas_SCHEMA));
    ASSERT_TRUE(parser.Parse(DELTA_PACKAGES_INSERTED_MSG.c_str()));
    uint8_t* buffer = parser.builder_.GetBufferPointer();
    std::variant<const SyscollectorDeltas::Delta*, const SyscollectorSynchronization::SyncMsg*, const nlohmann::json*>
        syscollectorDelta = SyscollectorDeltas::GetDelta(reinterpret_cast<const char*>(buffer));
    auto scanContextOriginal = std::make_shared<TScanContext<TrampolineOsDataCache>>(syscollectorDelta);

    TPackageScanner<MockDatabaseFeedManager, TScanContext<TrampolineOsDataCache>> packageScanner(
        spDatabaseFeedManagerMock);

    std::shared_ptr<TScanContext<TrampolineOsDataCache>> scanContextResult;
    EXPECT_NO_THROW(scanContextResult = packageScanner.handleRequest(scanContextOriginal));

    EXPECT_TRUE(scanContextResult == nullptr);
}
